IPv6 DNS Queries Not Resolving

Forward posting from the Swift Forums.


Within my iOS project (thesis project) I have set up a MITM server that is being sent data from a Packet Tunnel Provider. I am currently seeing that all IPv6 requests aren't able to have their IP address resolved when passed to Swift NIO that uses the default system DNS resolver.

On the Packet Tunnel Provider, I have set it to use the DNS servers 8.8.8.8 and 8.8.4.4, which are also the system defaults. I have also attempted to use my router's DNS routing to no avail. Both v4 and v6 traffic are proxied to the MITM server that uses Swift NIO, with v4 traffic successfully being processed on ingress and egress as intended. IPv6 traffic is failing to resolve with the following error:

dev.thesis.apps.LocalProxyServer.ConnectHandler : [LocalPacketTunnelProvider] Connect failed: NIOConnectionError(host: "ipv6.mythic-beasts.com", port: 443, dnsAError: Optional(NIOCore.SocketAddressError.unknown(host: "ipv6.mythic-beasts.com", port: 443)), dnsAAAAError: Optional(NIOCore.SocketAddressError.unknown(host: "ipv6.mythic-beasts.com", port: 443)), connectionErrors: [])

ipv6.mythic-beasts.com, for the purposes of this, is just a test website I am using that only has an AAAA record associated with it:

When not connected to the Packet Tunnel Provider, the website is successfully resolved and can be viewed within the browser - so I have narrowed it down to either the server or tunnel configuration.

The server uses the GetaddrinfoResolver, which utilises iOS's system default DNS resolver. This should conform to the necessary RFC.

Could anyone provide me with a reason why this could be happening and if possible a link to a resource that could assist with remediating the issue? I'll be the first to admit this isn't my forte so would appreciate some support if possible.


I am aware that this isn't an expected use case for Network Extension packet tunnel providers (as per TN3120). I'm just concerned as IPv4 DNS records are resolving but IPv6 aren't, so I am wondering if this is a wider issue. I would expect the system DNS resolver to still work as intended though.
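
A way to check whether the system resolver itself returns nothing for AAAA, separately from SwiftNIO: this is an added example, not code from the thread or from SwiftNIO, that calls getaddrinfo once per address family and reports the numeric addresses or the resolver error. It assumes a Darwin platform; `LookupResult`, `resolve` and `diagnose` are hypothetical names.

```swift
import Foundation

// Outcome of one lookup: numeric addresses, or the resolver's error code and text.
enum LookupResult {
    case addresses([String])
    case failure(code: Int32, message: String)
}

// Resolve `host` for a single address family through the system's getaddrinfo.
func resolve(_ host: String, family: Int32) -> LookupResult {
    var hints = addrinfo()
    hints.ai_family = family            // AF_INET asks for A, AF_INET6 for AAAA
    hints.ai_socktype = SOCK_STREAM     // Int32 on Darwin (assumed platform)
    var head: UnsafeMutablePointer<addrinfo>?
    let rc = getaddrinfo(host, nil, &hints, &head)
    guard rc == 0, let first = head else {
        return .failure(code: rc, message: String(cString: gai_strerror(rc)))
    }
    defer { freeaddrinfo(first) }
    var found: [String] = []
    var cursor: UnsafeMutablePointer<addrinfo>? = first
    while let entry = cursor {
        var text = [CChar](repeating: 0, count: Int(NI_MAXHOST))
        if getnameinfo(entry.pointee.ai_addr, entry.pointee.ai_addrlen,
                       &text, socklen_t(text.count), nil, 0, NI_NUMERICHOST) == 0 {
            found.append(String(cString: text))
        }
        cursor = entry.pointee.ai_next
    }
    return .addresses(found)
}

// One report line per family, matching the dnsAError / dnsAAAAError split in the error above.
func diagnose(_ host: String) -> [String] {
    var report: [String] = []
    for (label, family) in [("A", AF_INET), ("AAAA", AF_INET6)] {
        switch resolve(host, family: family) {
        case .addresses(let list):
            report.append("\(label): \(list.joined(separator: ", "))")
        case .failure(let code, let message):
            report.append("\(label): failed (\(code)) \(message)")
        }
    }
    return report
}

// Hostname taken from the thread; it is described there as having only an AAAA record.
for line in diagnose("ipv6.mythic-beasts.com") { print(line) }
```

Running the same function in the containing app and inside the packet tunnel provider shows whether the AAAA lookup fails only in the provider process.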

Is this MITM server running within your packet tunnel provider process?

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

At present it is, as it's tightly coupled to the Packet Tunnel Provider due to only needing to be run when the VPN link is active and for its lifecycle to be linked to that - enables it to run when the app is closed but VPN active and not get garbage collected.

Is this a quirk with it running within the same process? I presume the first suggestion is to spin out the server into its own process (using this?) and just maintain a reference in the Packet Tunnel Provider?

Is this a quirk with it running within the same process?

Possibly. When you see different behaviour in an app versus an NE provider, that’s usually because of NECP. See A Peek Behind the NECP Curtain for more on that. However, I need to better understand your setup before I can say anything for certain.

I presume the first suggestion is to spin out the server into its own process

No. You can’t start arbitrary background processes on iOS.

Please post some details about how your packet tunnel provider is configuring the tunnel. That is, the relevant settings you pass to setTunnelNetworkSettings(_:completionHandler:).

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
